{"vulnerability": "CVE-2022-41076", "sightings": [{"uuid": "dc62bb8a-384c-48c1-aa9b-cf387c753356", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41076", "type": "published-proof-of-concept", "source": "Telegram/QbDffPK45sEvY1NSFLkD1751HQ35mEkhQAE9dpzBuhFZsnw", "content": "", "creation_timestamp": "2023-02-01T17:27:05.000000Z"}, {"uuid": "9cfe4dcf-2e5a-4995-9129-485cd155a74d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41076", "type": "published-proof-of-concept", "source": "Telegram/RFfwK1BBWd1yksqXOQORWmjVF_Swxhl7IKlxdVTfn7Fq5ds", "content": "", "creation_timestamp": "2023-02-02T06:34:32.000000Z"}, {"uuid": "8bed37e9-77f9-4f81-ae24-304cd2f6310e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41076", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1273", "content": "CVE-2022-41076\n\nThe OWASSRF + TabShell exploit chain\n\ntabshell_poc.ps1", "creation_timestamp": "2023-01-09T17:49:40.000000Z"}, {"uuid": "d7d98750-8e32-46df-a6e3-c140b2b2f3b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41076", "type": "published-proof-of-concept", "source": "Telegram/XbVANu0oDDLdSiNrK5AHO-lSfskiTXJSFLS2EPeeO7JcPLg", "content": "", "creation_timestamp": "2023-03-04T13:01:25.000000Z"}, {"uuid": "0f833d55-6d33-42c8-b199-3f71ac55266a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41076", "type": "published-proof-of-concept", "source": "Telegram/oRsY88da6I73cGl-qCrSnHo-IYzCGX_3hpJxkVr1dviH7oQ", "content": "", "creation_timestamp": "2023-02-13T07:16:05.000000Z"}, {"uuid": "82eab591-5055-47f0-be06-3ff458103282", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41076", "type": "published-proof-of-concept", "source": "Telegram/aUftZCBNqWFLmozew0JHAoVPxPg5BBbDzqvntHGXg8GYSLQ", "content": "", "creation_timestamp": "2023-03-15T18:13:05.000000Z"}, {"uuid": "fc6be123-521d-41cf-a442-c0e3ee3998c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41076", "type": "published-proof-of-concept", "source": "Telegram/u5npDIsaLJQK3m-zwd1mmkUUDg-h3-iQOw8rZU83WOV2NLE", "content": "", "creation_timestamp": "2023-01-09T23:20:19.000000Z"}, {"uuid": "34506efa-ad72-425a-9dc7-c8d1657a1af5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41076", "type": "published-proof-of-concept", "source": "https://t.me/zero_day_uz/280", "content": "Microsoft Exchange: OWASSRF + TabShell \n(CVE-2022-41076)\n\nThe TabShell vulnerability its a form of Privilege Escalation which allows breaking out of the restricted Powershell Sandbox after you have successfully gained access through OWASSRF.\n\nFor a detailed write see research: \nhttps://blog.viettelcybersecurity.com/tabshell-owassrf/\n\nPoC: \nhttps://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e\n\n#owa #ssrf #tabshell #poc", "creation_timestamp": "2023-01-10T09:14:55.000000Z"}, {"uuid": "e3566d6b-4161-46e6-a629-1e552f7823e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41076", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7503", "content": "#exploit\n1. CVE-2022-41076:\nThe OWASSRF + TabShell exploit chain\nhttps://blog.viettelcybersecurity.com/tabshell-owassrf\n]-> https://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e\n\n2. CVE-2022-3515/CVE-2022-47629:\nInteger overflow bug Libksba\u00a0library (x.509)\nhttps://github.com/elttam/publications/blob/master/writeups/CVE-2022-47629.md \n\n3. CVE-2022-44877:\nCentos Web Panel 7 Unauthenticated RCE\nhttps://github.com/numanturle/CVE-2022-44877", "creation_timestamp": "2023-01-10T05:13:06.000000Z"}, {"uuid": "6212e805-ff2e-4ea4-9bdf-06f97b7ffb87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41076", "type": "published-proof-of-concept", "source": "https://t.me/professional_c_h/1888", "content": "\u2b55\ufe0fMicrosoft Exchange: OWASSRF + TabShell \n(CVE-2022-41076)\n\nThe TabShell vulnerability its a form of Privilege Escalation which allows breaking out of the restricted Powershell Sandbox after you have successfully gained access through OWASSRF.\n\nFor a detailed write see research: \nhttps://blog.viettelcybersecurity.com/tabshell-owassrf/\n\nPoC: \nhttps://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e\n\n#owa #ssrf #tabshell #poc\n\nChannels :\n@Professional_c_h\n@Card_Crack_Hack", "creation_timestamp": "2023-01-28T21:44:02.000000Z"}, {"uuid": "53adcc59-9d50-4760-898a-98f846f10ec2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41076", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1297", "content": "Exchange CVE-2022-41076 Privilege Escalation (OWASSRF + TabShell)\n\nPoC: https://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e\n\u0421\u0442\u0430\u0442\u044c\u044f: https://blog.viettelcybersecurity.com/tabshell-owassrf/\n\u0412\u0438\u0434\u0435\u043e: https://www.youtube.com/watch?v=yzvLDo3cLYU\n\n#exploit #lpe #redteam #blueteam #report #pentest", "creation_timestamp": "2023-01-09T13:51:54.000000Z"}]}